File permissions in Linux are essential for system security, controlling who can access, modify, or execute files and directories. In this guide, we’ll explore how Linux file permissions work, how to manage users and groups, and how to configure file access using various Linux utilities.
1. Introduction to Linux File Permissions
Linux uses a permission-based model to secure its file system. Every file or directory is associated with:
- Owner: The user who owns the file.
- Group: A set of users who can access the file.
- Others: All other users on the system.
Permissions define what actions these categories of users can perform on a file or directory.
2. File Types in Linux
Files in Linux can be of different types, indicated by the first character in the output of ls -l:
- -: Regular file
- d: Directory
- l: Symbolic link
- c: Character device file
- b: Block device file
- n: Network device file
3. File Permission Structure
File permissions are represented using a three-character triplet:
- r: Read (4) - View file contents
- w: Write (2) - Modify file contents
- x: Execute (1) - Run the file as a program
Example:
-rwxr-xr-- 1 theerej developers 4096 Dec 9 sample.sh
Here’s the breakdown:
- rwx - Owner permissions (read, write, execute)
- r-x - Group permissions (read, execute)
- r-- - Others (read only)
4. Default File Permissions and umask
When a file or directory is created, default permissions are assigned:
- Files: 666 (read/write for all)
- Directories: 777 (read/write/execute for all)
The umask value subtracts permissions from these defaults. For example, a umask of 022 subtracts 2 from group and others:
Files: 666 - 022 = 644 (rw-r--r--)
Dirs: 777 - 022 = 755 (rwxr-xr-x)
Use umask to view or change this setting.
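The effect of umask on newly created files and directories, as an added example that is not part of the original article: the mask clears the permission bits it names rather than doing decimal subtraction, so a umask of 033 gives files 644, not 633. It assumes GNU coreutils stat and mktemp; the function names modes_under_umask and effective_mode are hypothetical.

```shell
#!/bin/sh
# Added example: observe and compute the modes produced by a umask.
# Assumes GNU coreutils (stat -c) and mktemp; function names are hypothetical.

# modes_under_umask MASK -> prints "<file_mode> <dir_mode>" in octal,
# measured on a real file and directory created in a scratch directory.
modes_under_umask() {
    mask=$1
    work=$(mktemp -d) || return 1
    (
        # Subshell: the umask change does not leak into the caller.
        umask "$mask"
        : > "$work/f"      # the shell requests mode 666 for new files
        mkdir "$work/d"    # mkdir requests mode 777 for new directories
    )
    printf '%s %s\n' "$(stat -c '%a' "$work/f")" "$(stat -c '%a' "$work/d")"
    rm -rf "$work"
}

# effective_mode BASE MASK -> BASE with the mask bits cleared (BASE & ~MASK).
# Arguments are octal digits without a leading zero, e.g. 666 022.
effective_mode() {
    printf '%o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# Compare measured and computed modes for a few common masks.
# 033 is the case where "666 - 033" would wrongly suggest 633.
for m in 022 027 033 077; do
    printf 'umask %s: created file/dir = %s, computed = %s %s\n' "$m" \
        "$(modes_under_umask "$m")" \
        "$(effective_mode 666 "$m")" "$(effective_mode 777 "$m")"
done
```

A umask of 027 or 077 is the usual choice when new files should not be readable by others.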
5. Changing File Permissions with chmod
Syntax:
chmod [permissions] [file/dir]
Octal Notation:
- 7 = rwx (4+2+1)
- 6 = rw- (4+2)
- 5 = r-x (4+1)
- 4 = r--
Example:
chmod 755 script.sh
This sets rwx for owner, r-x for group, and r-x for others.
Symbolic Notation:
chmod u+x file.txt # Adds execute for the owner
chmod g-w file.txt # Removes write from group
chmod o+r file.txt # Adds read for others
6. Managing File Ownership with chown and chgrp
- chown: Change file owner.
chown username file.txt
- chgrp: Change file group.
chgrp developers file.txt
- Combined:
chown username:developers file.txt
7. Special File Permissions
a. Set UID (SUID) (4xxx)
- Allows an executable file to run with the file owner’s permissions instead of those of the user who runs it.
- Example:
chmod 4755 program.sh
b. Set GID (SGID) (2xxx)
- When set on a directory, new files created in it inherit group ownership from the directory.
- Example:
chmod 2755 shared_dir
c. Sticky Bit (1xxx)
- Prevents users from deleting files they don’t own in a shared directory.
- Example:
chmod 1777 /shared
8. User and Group Management
Adding Users and Groups:
- Add a user:
useradd -m username
passwd username
- Add a group:
groupadd developers
- Assign a user to a group:
usermod -aG developers username
Important: Use -aG to append users to a group. Using -g alone replaces the primary group.
9. Summary
Understanding file permissions in Linux is crucial for managing a secure system. Use tools like chmod, chown, and usermod to control access effectively. Proper permission management can prevent unauthorized access and ensure a stable, secure environment.
Let me know if you would like additional examples or deeper dives into any section! 🚀